We are currently working on the feature of adding a picture to Hubspot Contact using OAuth authentication. All the time we get such an error: code - 403 “This OAuth-token (XXX) does not have proper permissions! (requires any of [file-manager-access]). When we do the same actions but using Api key everything works well. We have got a test account. Is it possible that this error will not occur with a usual account?
When utilizing oAuth, you have to request certain ‘scopes’ when initializing the oAuth connection. These scopes give that access token access to certain tools in HubSpot, but not others. If you’re trying to import files, you will need to add the ‘files’ scope when initializing the connection (and, once added to your scope, you will need to re-authorize the user).
You can read more about scopes at the bottom of this article: https://developers.hubspot.com/docs/methods/oauth2/initiate-oauth-integration
The reason you can do this with an API key is because the HAPI key gives access to ALL actions within the portal. This is inherent in why oAuth is a more secure method - the authorized user is only giving access to certain parts of the application.